SECURING APACHE SITES WITH SAML
So I recently have fallen in love with single sign on. I really like centralized user management, and being able to adapt it into many different application is really sweet. Plus, it makes compliance people happy! One feature I like is the ability to secure arbitrary Apache websites with it using a plugin called Mellon. Basically this acts like the native apache authentication, but rather than present a window for a username and password, it redirects you to your SSO provider to login.
Read moreUSING FOUNDATION FOR EMAILS (INKY) IN A PHP APPLICATION
One framework that I instantly fell in love with was Inky. Having built a number of emails using pure HTML, having the shorthand syntax was amazing. Coupling it with the inliner and CSS in Foundation for Emails, it’s dead simple to write a good looking email. Just one problem: Foundation for Emails assumes you’re either writing emails as standalone units, or integrated into a Node.JS application. What are you to do if you’re, say, running a PHP Symfony application?
Read moreABOUT MY MIGRATION TO AWS
After a long a deep think, I’ve decided to retire my physical hardware and migrate all of my machines to Amazon Web Services. It wasn’t an easy choice, and I feel like I need to spend some time explaining why, just get some things off my chest. Reason #1 - Our Hardware is End Of Life Most of the reasons we’re moving are related to our hardware approaching the end of its useful life.
Read moreGNUCASH TEMPLATE FOR HARLAND CLARKE LASER 417 CHECKS
So this is kinda random, but I needed a template to make these checks work with GnuCash. So if some other lazy soul wants to use it, here it is :) [Top] Guid = c226b43c-1e06-417d-a191-e3e78a789341 Title = Harland Clarke Laser 417 Checks [Check Positions] Height = 250.0 Names = Top;Middle;Bottom [Check Items] Type_1 = PAYEE Coords_1 = 75.0;95.0 Type_2 = AMOUNT_NUMBER Coords_2 = 500.0;102.0 Type_3 = AMOUNT_WORDS Coords_3 = 75.0;120.0; Type_4 = ADDRESS Coords_4 = 75.
Read moreSMART FAILOVER WITH REDIS SENTINEL AND KEEPALIVED
Through some Google-fu and some other great tutorials, I’ve successfully setup a groups of Redis machines with automatic failover detection via keepalived and sentinel. This sounds mundane, but lets you setup another layer of protection for your Redis cluster without lots of extra configuration. Background – Redis Sentinel and Keepalived Redis Sentinel makes it pretty easy to setup a group of replicated Redis machines and elect new master nodes when others are offline.
Read moreADDING A FIREWALL RULE TO DEBIAN 9
Not too long ago in the Linux world, firewall rules were complex. iptables did its job very well, but managing rules was daunting for a newcomer. Debian 9 introduces some changes that make it pretty simple to add a firewall rule. Usually firewall rules are taken care of automatically, when you install a program it takes care of opening up the required ports for itself. In some cases, software can conflict and that is what happened in my case.
Read moreAUTOWIRED TRAITS IN SYMFONY
This is something that I think is pretty slick in Symfony. With 3.3, Symfony introduced the idea of autowired services. Basically, you just put a type hint for what you need and the container injects the correct service as if by magic. You can take advantage of this in some more unusual places that aren’t immediately apparent after reading the documentation. In my case, I had a controller trait that provides some common functions but it needs to interface with some services to do this.
Read moreOUTAGE SEPTEMBER 15 2017
Today, The Storehouse experienced an outage that lasted approximately 12 hours. This was caused due to updates performed late the night before and services restarting during that process. Last night I ran upgrades of the servers that run The Storehouse, including our three ProxmoxVE nodes. When the upgrades on these nodes were complete, the nodes had an updated kernel version and needed to restart to use the new kernel Restarting is usually a painless process in our environment.
Read moreELIMINATING CRON JOBS IN AN APPLICATION
When you have an application, there’s inevitably some things that just need to be done periodically. These aren’t tied directly to user actions, so the quick answer is usually cron. It’s easy to setup, but when it breaks it can cause subtle issues that may impact your customers or application. It’s simple to setup a script that does whatever needs done, and it’s equally easy to tell cron to execute the script at regular intervals.
Read moreUBIQUITI EDGEROUTER OPENVPN CLIENT CONFIG
One thing that’s really handy for your Ubiquiti EdgeRouter is to have it act as a VPN client. This gives all hosts on your network the ability to access the remote VPN without having to login. Setting it up with pfSense is straightforward and pretty easy with the right tools. Setup pfSense In our case, we’re using pfSense as the VPN server. Setting up pfSense is beyond the scope of this particular guide, but there is a handy tool that makes setup much simpler.
Read more